What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2020-06-03 23:10:57 Two issues in Zoom could have allowed code execution (lien direct) Researchers from Cisco Talos disclosed two critical flaws in the Zoom software that could have allowed attackers to hack into the systems via chat. Zoom is one of the most popular video-conferencing software, every day it is used by millions of users, especially during the COVID outbreak. Cybersecurity researchers from Cisco Talos have disclosed two critical vulnerabilities […] Hack
SecurityAffairs.webp 2020-06-03 22:21:07 Tor Browser 9.5 is available for download, with new interesting features (lien direct) Tor Browser 9.5 includes important security updates to Firefox, users on desktop will be able to opt-in for using onion sites automatically whenever the website makes them available.  Starting with the release of Tor Browser 9.5, new features will make accessing onion addresses easier.  Now, there is also an opt-in mechanism available for websites that want Tor […]
SecurityAffairs.webp 2020-06-03 10:53:58 Sodinokibi ransomware gang launches auction site to sell stolen data (lien direct) REvil /Sodinokibi ransomware operators launch an auction site to sell data stolen from victims that have chosen to not pay the ransom. Sodinokibi ransomware operators are very active in this period, a few days after the gang has leaked the files allegedly stolen from the UK power grid middleman Elexon it has announced to launch […] Ransomware
SecurityAffairs.webp 2020-06-03 07:56:58 Russia-linked APT exploited at least 3 Exim flaws in recent attacks (lien direct) Several flaws in the Exim mail transfer agent (MTA) have been exploited by Russia-linked hackers, hundreds of thousands of servers are still unpatched. Russia-linked threat actors have exploited several vulnerabilities in the Exim mail transfer agent (MTA) in their campaigns. Last week, the U.S. National Security Agency (NSA) warned that Russia-linked APT group tracked Sandworm Team has been […] Threat
SecurityAffairs.webp 2020-06-02 20:51:13 SecurityAffairs awarded as Best European Cybersecurity Technical Blog (lien direct) I’m proud to announce that SecurityAffairs was awarded as Best European Cybersecurity Technical Blog at European Cybersecurity Blogger Awards. The winners of the annual European Cybersecurity Blogger Awards have been announced. With over a 1000 names put forward, the shortlists for the 12 awards were put to the public vote, and winners were announced via […]
SecurityAffairs.webp 2020-06-02 15:30:51 IP-in-IP flaw affects devices from Cisco and other vendors (lien direct) A flaw in the IP-in-IP tunneling protocol that can be exploited for DoS attacks and to bypass security controls impact devices from Cisco and other vendors. A vulnerability that affects the IP-in-IP tunneling protocol (aka IP Encapsulation within IP) implemented by Cisco and other vendors could be exploited for denial-of-service (DoS) attacks and to bypass […] Vulnerability
SecurityAffairs.webp 2020-06-02 13:39:48 There was no data breach in the cyberattack against Minneapolis Police (lien direct) Last week a massive distributed denial-of-service (DDoS) attack shut down the websites and systems of Minneapolis, but there is no evidence of a breach. Over the weekend, Anonymous demanded justice for George Floyd and threatened to 'expose the many crimes' of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck […] Data Breach
SecurityAffairs.webp 2020-06-02 12:18:59 Apple fixes CVE-2020-9859 zero-day used in recent Unc0ver jailbreak (lien direct) This week Apple released security patches to address the CVE-2020-9859 zero-day vulnerability that had been used to jailbreak iPhones devices. Apple released security patches to address the CVE-2020-9859 zero-day vulnerability in the iOS kernel that had been used to jailbreak iPhones. The flaw was discovered by a team of cyber-security researchers and hackers that also […] Vulnerability
SecurityAffairs.webp 2020-06-02 09:02:22 Critical flaw in VMware Cloud Director allows hackers to take over company infrastructure (lien direct) Researchers disclosed a flaw in VMware Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. Security researchers from hacking firm Citadelo disclosed details for a new critical vulnerability in VMware’s Cloud Director platform, tracked as CVE-2020-3956, that could be abused to takeover corporate servers. VMware Cloud Director is a cloud service-delivery platform […] Vulnerability
SecurityAffairs.webp 2020-06-02 07:49:11 Sodinokibi ransomware operators leak files stolen from Elexon electrical middleman (lien direct) The REvil/Sodinokibi ransomware operators have leaked the files allegedly stolen from the UK power grid middleman Elexon. In May Elexon, a middleman in the UK power grid network, was the victim of a cyber attack, its systems have been infected with the Sodinokibi ransomware. The incident impacted only affected the internal IT network, including the […] Ransomware
SecurityAffairs.webp 2020-06-01 19:54:26 Expert earns $100,000 for 'Sign in with Apple' authentication bypass bug (lien direct) The expert Bhavuk Jain received an award of $100,000 for reporting a severe security issue in 'Sign in with Apple' authentication bypass bug that could allow the takeover of third-party user accounts. The bug hunter Bhavuk Jain received an award of $100,000 by Apple, as part of its bug bounty program, for reporting a severe […]
SecurityAffairs.webp 2020-06-01 12:46:02 VMware addresses Fusion flaw introduced in the attempt to fix CVE-2020-3950 issue (lien direct) VMware has released an update to address a privilege escalation flaw in VMware for the macOS version of Fusion that was introduced by a previous patch. In March, VMware patched a high-severity privilege escalation vulnerability (CVE-2020-3950) in Fusion, Remote Console (VMRC) and Horizon Client for Mac. The CVE-2020-3950 is a privilege escalation vulnerability caused by the […] Vulnerability
SecurityAffairs.webp 2020-06-01 10:05:48 The team behind the Joomla CMS discloses a data breach (lien direct) Maintainers at the Joomla open-source content management system (CMS) announced a security breach that took place last week. Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site (resources.joomla.org) on an unsecured Amazon Web Services S3 bucket operated by the company. The company did not […] Data Breach
SecurityAffairs.webp 2020-06-01 08:20:50 KingNull leaks DB of Daniel's Hosting dark web hosting provider (lien direct) Earlier this year a hacker breached Daniel’s Hosting, the largest free web hosting provider for dark web hidden services and now leaked its DB. A threat actor has leaked the database of Daniel’s Hosting (DH), the largest free web hosting provider for dark web hidden services. The hacker has stolen the data in March when […] Threat
SecurityAffairs.webp 2020-05-31 20:12:35 Anonymous demands justice for George Floyd and threatens attacks (lien direct) The hacktivist collective group Anonymous demands justice for George Floyd and threatens to 'expose the many crimes' of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to 'expose the many crimes' of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck for more than eight minutes. […]
SecurityAffairs.webp 2020-05-31 13:20:47 ENISA published “Proactive detection – Measures and information sources” report (lien direct) EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources. The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure to proactively detect […]
SecurityAffairs.webp 2020-05-31 11:17:15 (Déjà vu) Coronavirus-themed attacks May 24 – May 30, 2020 (lien direct) This post includes the details of the Coronavirus-themed attacks launched from May 24 to May 30, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily basis. Below a list of attacks detected this week. May 26 – Hangzhou could permanently adopt COVID-19 […] Threat
SecurityAffairs.webp 2020-05-31 08:51:50 Security Affairs newsletter Round 266 (lien direct) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Experts observed a spike in COVID-19 related malspam emails containing GuLoader Silent Night Zeus botnet available for sale in underground forums The Florida Unemployment System suffered a data breach Voter […] Data Breach
SecurityAffairs.webp 2020-05-31 08:20:24 (Déjà vu) Over 100K+ WordPress sites using PageLayer plugin exposed to hack (lien direct) Two security flaws in the PageLayer WordPress plugin can be exploited to potentially wipe the contents or take over WordPress sites. Security experts from WordFence discovered two high severity security vulnerabilities in the PageLayer WordPress plugin that could potentially allow attackers to wipe the contents or take over WordPress sites using vulnerable plugin versions. PageLayer is a WordPress page […] Hack
SecurityAffairs.webp 2020-05-30 19:29:25 A new COVID-19-themed campaign targets Italian users (lien direct) Security researchers uncovered a new COVID-19-themed campaign targeting users of the National Institute for Social Security (INPS). Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early April, threat actors set up a fake […] Threat ★★★
SecurityAffairs.webp 2020-05-30 14:07:43 (Déjà vu) NetWalker ransomware gang threatens to release Michigan State University files (lien direct) Michigan State University is the last victim of the NetWalker ransomware, attackers threaten to leak stolen files if it will not pay the ransom in seven days. Michigan State University hit by ransomware gang, NetWalker ransomware operators are threatening to leak stolen files if the university will not pay the ransom in seven days. At […] Ransomware
SecurityAffairs.webp 2020-05-30 11:06:06 API Security and Hackers: What's the Need? (lien direct) API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. APIs work as doors for a company – closely guarding data of an organization. However, there are some challenges created: how do we hold the doors open […]
SecurityAffairs.webp 2020-05-30 10:19:13 A New York man was charged with stealing credit card data via SQL Injection attacks (lien direct) The US DoJ announced that a New York City man was charged with hacking, credit card trafficking, and money laundering conspiracies. New York City man Vitalii Antonenko (28) was charged with hacking, credit card trafficking, and money laundering conspiracies, states the US DoJ. The man was arrested in March 2019 and detained after his arrival […]
SecurityAffairs.webp 2020-05-29 20:11:17 ICT solutions provider NTT Com discloses security breach (lien direct) NTT Communications (NTT Com), a subsidiary of tech giant NTT Corp, disclosed a data breach that impacted hundreds of customers. NTT Communications (NTT Com), a subsidiary of the tech giant NTT Corp, disclosed a data breach that impacted hundreds of customers. NTT Com provides network management, security and solution services[3] to consumers, corporations and governments. NTT Com […] Data Breach
SecurityAffairs.webp 2020-05-29 17:11:23 Himera and AbSent-Loader Leverage Covid19 lures (lien direct) Researchers at ZLab spotted a new phishing campaign using Covid19 lures to spread Himera and Absent-Loader.   Introduction During our Cyber Defense monitoring activities we intercepted waves of incoming emails directed to many companies under our protective umbrella. These messages were leveraging FMLA (Family and Medical Leave Act) requests related to the ongoing COVID19 pandemics. These […]
SecurityAffairs.webp 2020-05-29 12:22:52 Octopus Scanner Malware: open source supply chain attack via NetBeans projects on GitHub (lien direct) GitHub has issued a security alert warning of a malware campaign that is spreading on its platform via boobytrapped NetBeans Java projects. GitHub has issued a security alert warning of a piece of malware dubbed Octopus Scanner that is spreading on its platform via boobytrapped NetBeans Java projects. GitHub’s security team discovered the malicious code […] Malware
SecurityAffairs.webp 2020-05-29 09:44:43 An archive with 20 Million Taiwanese' citizens leaked in the dark web (lien direct) Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. According to the experts, the leak includes government data of an entire country, […] Threat
SecurityAffairs.webp 2020-05-29 08:08:24 Steganography in targeted attacks on industrial enterprises in Japan and Europe (lien direct) Threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks, Kaspersky reported. Researchers from Kaspersky's ICS CERT unit reported that threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks. The experts first observed the attacks in early 2020, while in early May, threat actors targeted organizations […] Threat
SecurityAffairs.webp 2020-05-28 21:47:52 Security breach impacted Cisco VIRL-PE infrastructure (lien direct) Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. Cisco has disclosed a security incident that impacted part of its VIRL-PE infrastructure, threat actors exploited vulnerabilities in the SaltStack software package to breach six company servers. These issues affect the following Cisco products running a vulnerable […] Hack Threat
SecurityAffairs.webp 2020-05-28 19:15:41 NSA warns Russia-linked APT group is exploiting Exim flaw since 2019 (lien direct) The U.S. NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). The U.S. National Security Agency (NSA) is warning that Russia-linked APT group tracked Sandworm Team has been exploiting a critical vulnerability (CVE-2019-10149) in the Exim mail transfer agent (MTA) software since […] Vulnerability
SecurityAffairs.webp 2020-05-28 16:45:54 Israel's national cyber chief warns of rising of cyber-warfare (lien direct) Israel's national cyber chief acknowledged the country had thwarted a major cyber attack in April against its water systems. Israel's national cyber chief Yigal Unna officially confirmed that the country in April had thwarted a major cyber attack against its water systems. The media, citing officials that spoke under condition of anonymity, attributed the “synchronized […]
SecurityAffairs.webp 2020-05-28 13:14:15 Google TAG report Q1 details about nation-state hacking and disinformation (lien direct) Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020. The Google Threat Analysis Group (TAG) is a group inside the Google’s security team that […] Threat
SecurityAffairs.webp 2020-05-28 10:21:12 Valak a sophisticated malware that completely changed in 6 months (lien direct) Valak malware has rapidly changed over the past six months, it was initially designed as a loader, but now it implemented infostealer capabilities. The Valak malware completely changed over the past six months, it was first developed to act as a loader, but now it implements also infostealer capabilities. The malicious code first appeared in […] Malware
SecurityAffairs.webp 2020-05-28 07:51:22 Ke3chang hacking group adds new Ketrum malware to its arsenal (lien direct) The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. The Ke3chang hacking group (aka APT15, Vixen Panda, Playful Dragon, and Royal APT) has developed new malware dubbed Ketrum by borrowing parts of the source code and features from their older Ketrican and […] Malware APT 15 APT 25
SecurityAffairs.webp 2020-05-27 21:57:19 Microsoft warns about ongoing PonyFinal ransomware attacks (lien direct) Microsoft is warning organizations to deploy protections against a new strain of PonyFinal ransomware that has been in the wild over the past two months. Microsoft’s security team issued a series of tweets warning organizations to deploy protections against a new piece of ransomware dubbed PonyFinal that has been in the wild over the past […] Ransomware
SecurityAffairs.webp 2020-05-27 19:27:33 Grandoreiro Malware implements new features in Q2 2020 (lien direct) The updated Grandoreiro Malware equipped with latenbot-C2 features in Q2 2020 now extended to Portuguese banks Grandoreiro is a Latin American banking trojan targeting Brazil, Mexico, Spain, Peru, and has now extended to Portugal. Cybercriminals attempt to compromise computers to generate revenue by exfiltrating information from victims' devices, typically banking-related information. During April and May 2020, a […] Malware
SecurityAffairs.webp 2020-05-27 17:10:19 Real estate app leaking thousands of user records and sensitive private messages (lien direct) Real estate app leaking thousands of user records and sensitive private messages The CyberNews research team uncovered an unsecured Amazon Simple Storage Service bucket of confidential user chat logs belonging to Real estate app Tellus, a US-based software company. Tellus is a software company based in Palo Alto, California, backed by “well-known investors” that aims […]
SecurityAffairs.webp 2020-05-27 16:34:48 The evolution of ransomware in 2019: attackers think bigger, go deeper and grow more advanced (lien direct) The number of ransomware attacks increased by 40 percent last year, according to Group-IB attackers think bigger and grow more advanced. Group-IB, a Singapore-based cybersecurity company that specializes in preventing cyberattacks, found out that the year of 2019 was marked by ransomware evolution and was dominated by increasingly aggressive ransomware campaigns, with its operators resorting to more cunning […] Ransomware
SecurityAffairs.webp 2020-05-27 14:12:27 Researchers dismantled ShuangQiang gang's botnet that infected thousands of PCs (lien direct) A joint operation conducted by experts from Chinese firms Qihoo 360 Netlab and Baidu dismantle the ShuangQiang's botnet infecting over hundreds of thousands of systems. A joint operation conducted by Chinese security firm Qihoo 360 Netlab and tech giant Baidu disrupted a botnet operated by a group tracked as ShuangQiang (aka Double Gun) that infected […]
SecurityAffairs.webp 2020-05-27 12:26:53 Fuckunicorn ransomware targets Italy in COVID-19 lures (lien direct) A new piece of ransomware dubbed FuckUnicorn is targeting Italy by tricking victims into downloading a fake COVID-19 contact tracing app. A new ransomware dubbed FuckUnicorn has been targeting computers in Italy by tricking victims into downloading a fake contact tracing app, named Immuni, that promises to provide real-time updates for the COVID-19 outbreak. The COVID-19-themed campaign […] Ransomware
SecurityAffairs.webp 2020-05-27 09:24:58 Boris Johnson to reduce Huawei's role in national 5G network (lien direct) UK Government will reduce the presence of the equipment manufactured by Chinese Huawei in its 5G network in the wake of the coronavirus outbreak. UK Government will reduce the presence of the equipment manufactured by the Chinese tech firm Huawei in its 5G network in the wake of the Coronavirus outbreak. Early this year, the […]
SecurityAffairs.webp 2020-05-26 20:57:40 StrandHogg 2.0 Android flaw affects over 1 Billion devices (lien direct) Researchers disclosed a new critical vulnerability (CVE-2020-0096, aka StrandHogg 2.0) affecting the Android operating system that could allow attackers to carry out a sophisticated version of Strandhogg attack. A group of Norwegian researchers disclosed a critical flaw, tracked as CVE-2020-0096, affecting Android OS that could allow attackers to carry out a sophisticated version of the […] Vulnerability
SecurityAffairs.webp 2020-05-26 13:22:51 New Turla ComRAT backdoor uses Gmail for Command and Control (lien direct) Researchers uncovered a new advanced variant of Turla’s ComRAT backdoor that leverages Gmail’s web interface as C2 infrastructure. Cybersecurity researchers discovered a new version of the ComRAT backdoor, also known as Agent.BTZ, which is a malware that was employed in past campaigns attributed to the Turla APT group. Earlier versions of Agent.BTZ were used to […] Malware
SecurityAffairs.webp 2020-05-26 09:56:28 Hangzhou could permanently adopt COVID-19 contact-tracing app (lien direct) The City of Hangzhou is planning to make a contact tracing system developed to fight the COVID-19 pandemic permanent for its citizens. Hangzhou, one of the major tech hubs in China, is planning to permanently use the tracking system developed to fight the COVID-19 outbreak. The city’s health commission declared that the permanent version of […]
SecurityAffairs.webp 2020-05-26 07:42:20 Bugs in open-source libraries impact 70% of modern software (lien direct) 70 percent of mobile and desktop applications that today we use are affected at least by one security flaw that is present in open-source libraries. According to the Veracode's annual State of Software Security report, 70 percent of mobile and desktop applications being used today have at least one security flaw that is the result of the […]
SecurityAffairs.webp 2020-05-25 21:26:13 Cisco fixed a critical issue in the Unified Contact Center Express (lien direct) Cisco has released several security patches, including one for a critical issue, tracked as CVE-2020-3280, in the call-center software Unified Contact Center Express. Cisco released a set of security patches, including one for a critical flaw in its call-center software Unified Contact Center Express, tracked as CVE-2020-3280. The CVE-2020-3280 vulnerability is a remote code execution issue that […]
SecurityAffairs.webp 2020-05-25 18:01:53 Crooks hacked e-shops and threaten to sell SQL databases if ransom not paid (lien direct) Threat actors are offering for sale more than two dozen SQL databases belonging to e-commerce websites for different countries. Hackers are offering for sale more than two dozen SQL databases stolen from online shops from multiple countries. Threat actors have compromised insecure servers exposed online and after copying the content of their websites they left […] Threat
SecurityAffairs.webp 2020-05-25 13:02:15 Ragnar Ransomware encrypts files from virtual machines to evade detection (lien direct) Ransomware encrypts from virtual machines to evade antivirus Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Crooks always devise new techniques to evade detection, the Ragnar Locker is deploying Windows XP virtual machines to encrypt victim’s files while bypassing security measures. The Ragnar […] Ransomware
SecurityAffairs.webp 2020-05-25 08:59:32 Maze ransomware operators leak credit card data from Costa Rica's BCR bank (lien direct) Maze ransomware operators published credit card details stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week. Maze ransomware operators have released credit card data stolen from the Bank of Costa Rica (BCR) threatening to leak other lots every week. Early May, Maze Ransomware operators claimed to have hacked the […] Ransomware
SecurityAffairs.webp 2020-05-25 07:40:36 3 hacking forums have been hacked and database have been leaked online (lien direct) Three hacking forums Nulled.ch, Sinfulsite.com, and suxx.to have been hacked and their databases have been leaked online Researchers from intelligence firm Cyble made the headlines again, this time they have discovered online the databases of three hacking forums. The three forums are Sinful Site, SUXX.TO and Nulled, they were all hacked. These cybercrime forums are places of aggregations for […]
Last update at: 2024-07-18 11:07:26